Verfassungsblog (Aug 2024)
Strengthening the EU Legal Edifice for Data Transfers
Abstract
GDPR provides the rulebook for international transfers of personal data from the EU and serves as the vehicle through which EU data protection law interacts with the wider world. However, the EU seems ambivalent about deciding how far it can expect third countries to adopt data protection standards similar to its own. Moreover, DPAs often fail to scrutinize data transfers to third countries that may lack the rule of law. Finally, the EU lacks a comparative methodology for assessing data protection equivalence in third countries. It is essential for the EU to elevate the public discourse so that the global significance of data transfers is recognized.
Keywords
